> -----Original Message-----
> From: piclist-bounces@mit.edu [mailto:piclist-bounces@mit.edu] On Behalf Of Mike Hord
> Sent: 2006 Nov 02, Thu 07:09
> To: Microcontroller discussion list - Public.
> Subject: [EE] Failsafe vs. Redundant, was Automobile LED headlights
>
> As Russell points out, many people don't know what the
> difference between "fail safe" and "redundant" is.
>
> Perhaps as engineers we really should. I've heard engineers
> misuse the terms before. It's an important distinction.
> http://en.wikipedia.org/wiki/Failsafe is a poor explanation
> of the concept. Wikipedia DOESN'T know everything.
>
> Anyone want to take a crack at it?

Fail safe means that a failure is possible and even expected, but that when it happens, it will do so in a way that is the least likely to do damage. The device "Fails" in a "Safe" way.

Redundant means that there is more than one system for the function required and some means of switching from one to the other when a failure is detected.

Some (rather bad) examples include:

Redundant is an electric fuel pump behind a mechanical one with a switch to turn it on if the main pump fails. Fail safe is when there is a shroud under the fuel pump that directs leaking gasoline away from the exhaust headers.

Redundant is when the engine has both air and water cooling. Fail safe is when the thermostat spring is engineered to corrode away long before the actuator, causing it to fail in the open position rather than closed.

Redundant is capacitors in series. Fail safe is capacitors in series with a fuse.

I'm sure someone can improve on that...

---
James.

-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
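The two definitions in the reply above, carried into software as an added example (this is not code from the PIClist post or from any of its authors): a RedundantSensor that switches to a backup unit once a failure of the primary is detected, feeding a controller that drives a valve to a predefined safe state whenever no reading can be obtained. The names Sensor, RedundantSensor, ValveState and fail_safe_control, and the reading sequences, are all constructed for this illustration.

```python
"""Redundant vs. fail-safe, modelled in software.

Added example, not code from the PIClist post or from its authors. The
Sensor, RedundantSensor and ValveState names are invented here, and the
reading sequences are constructed so that the primary unit fails first and
the backup fails later.
"""
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional


class SensorFault(Exception):
    """Raised when a simulated sensor cannot deliver a reading."""


@dataclass
class Sensor:
    """Replays a constructed list of readings; None means 'no signal'."""
    name: str
    readings: List[Optional[float]]
    pos: int = 0

    def read(self) -> float:
        if self.pos >= len(self.readings):
            raise SensorFault(f"{self.name}: no more readings")
        value = self.readings[self.pos]
        self.pos += 1
        if value is None:
            raise SensorFault(f"{self.name}: no signal")
        return value


@dataclass
class RedundantSensor:
    """Redundancy: a second unit for the same function plus a means of
    switching to it when a failure of the first is detected."""
    primary: Sensor
    backup: Sensor
    active: str = "primary"
    switchovers: int = 0

    def read(self) -> float:
        if self.active == "primary":
            try:
                return self.primary.read()
            except SensorFault:
                # Failure detected: switch over and stay on the backup.
                self.active = "backup"
                self.switchovers += 1
        # Redundancy only postpones total failure; the backup can fail too.
        return self.backup.read()


class ValveState(Enum):
    OPEN = "open"
    CLOSED = "closed"


def fail_safe_control(sensor, setpoint: float,
                      safe_state: ValveState = ValveState.OPEN) -> ValveState:
    """Fail-safe: when the controller can no longer tell what is happening,
    drive the actuator to the state least likely to do damage.

    Which state counts as 'safe' is a per-system design decision; OPEN is the
    default here to mirror the thermostat example in the post (fail open
    rather than closed).
    """
    try:
        temperature = sensor.read()
    except SensorFault:
        return safe_state
    return ValveState.OPEN if temperature > setpoint else ValveState.CLOSED


def run_demo(cycles: int = 7):
    """Run the redundant sensor through the fail-safe controller.

    Returns the sequence of valve states, the number of switchovers and
    which unit ended up active.
    """
    # Constructed readings: primary dies on its 3rd sample, backup on its 4th.
    primary = Sensor("primary", [80.0, 85.0, None])
    backup = Sensor("backup", [81.0, 86.0, 88.0, None])
    sensor = RedundantSensor(primary, backup)
    states = [fail_safe_control(sensor, setpoint=90.0) for _ in range(cycles)]
    return states, sensor.switchovers, sensor.active


if __name__ == "__main__":
    states, switchovers, active = run_demo()
    for i, state in enumerate(states, 1):
        print(f"cycle {i}: valve {state.value}")
    print(f"switchovers={switchovers}, active={active}")
```

Running it shows the two ideas doing different jobs: the redundant pair masks the first fault (one switchover, and the backup keeps the valve under normal control for three more cycles), while the fail-safe rule is what decides the actuator's position once the backup has failed as well and no reading exists. Neither replaces the other, and the safe direction has to be chosen per system, exactly as the post's thermostat fails open while a fuel shroud "fails" by steering fuel away from the headers.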